A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline. [1]